Electronic mail (e-mail) systems are used to compose, send, and receive messages between computing devices over a computer network. Authors and recipients use e-mail systems to exchange digital messages over computer networks such as the Internet. E-mail may be the most heavily used feature of the Internet. Millions of people send and receive e-mail every day. When a user sends an email message, an Internet standard for electronic mail, such as Simple Mail Transfer Protocol (SMTP) sends the message to a mail server for relaying. The transmitted message is broken into packets over a transmission control protocol (TCP) connection, and the Internet protocol (IP) delivers the packets to the proper location(s), and the TCP then reassembles the message at the receiving computing device so that a recipient can read the message.
E-mail messages can include one or more attachments, in the form of documents or files. When sending email messages with attached documents or files, the attachments and files are often encoded using an Internet standard such as Multipurpose Internet Mail Extensions (MIME). MIME extends the format of e-mail to support non-standard character sets, non-text attachments, messages bodies with multiple parts, header information, and the like. When the email message is received by the recipient, the attachment(s) are decoded in a similar fashion.
In the past, electronic mail transmission and delivery was not secure. Transmission and delivery of email messages was often routed through intermediate relay points, such as mail submission agents, DNS servers, message transfer agents, message delivery agents, and other servers used to bridge smaller networks. Often, persistent copies of the email message are made and potentially stored at the intermediate relay points. Nefarious characters could read email messages when these messages traveled on public networks. Other ne'er do wells could intercept email messages and change the contents of the message between the time the sender composes the message and the time the recipient reads it. Encrypting email messages by scrambling the message provided a measure of success in ensuring that only the sender and receiver could read the messages. One type of encryption uses software keys with which to encrypt email messages. The keys include a public key and a private key. The public key is available for anyone to use to encrypt the email message when sending it, but only a recipient that holds a private key is able to decrypt the email message to read it. In practice, the communication can start with one side generating and sending a symmetric “session” key encrypted with a known public key of a recipient. Only the recipient can decrypt this message, so the session key is “safe” as it is transmitted in encrypted form. Once the recipient receives the session key, the sender and the recipient can use the session key to apply the encryption algorithm to send and receive email messages to and from each other. The email messages are sent over the computer network. While the email is on the computer network, the email is encrypted so that any shady character that reads the email will not be able to understand it.
When verifying that the contents of a message were written by a particular user and unaltered by any other user, it is necessary to agree upon a signature and hash algorithm. The signature is used to verify the authenticity of the message, and the hash algorithm is used to verify the integrity of the message.
For signature algorithms, asymmetric algorithms are typically used. These algorithms utilize a public key and a secret key. A signature algorithm combined with a secret key allows someone to generate a digital signature for the contents of a message. The party that anticipates receiving an email message creates the public key and the associated secret key. When another party wants to send a secure email to the creator of the keys, that party encrypts the email using the recipient's public key and sends the message. The recipient decrypts the message using the private key. The need to exchange asymmetric key pair information prior to sending a secure email creates network friction that has restricted secure email adoption to a very small specialized market. A signature algorithm combined with a public key allows someone to verify the digital signature for a message. Signature algorithms are one way functions. A user cannot reconstruct the input to a signature function by looking at its output.
Hash algorithms are also called message digest algorithms. These algorithms compute a checksum on their input; no keys are involved. Hash algorithms are also one way functions, and a robust hash algorithm is one in which very similar inputs produce dramatically different outputs. For example, if even a single bit of the message file is altered or corrupted in transit, the hash value should be very different.
Digital certificates also provide an additional level of security. Digital certificates use a digital signature to bind a public key with an identity. The certificate can be used to verify that a public key belongs to a particular individual and that individual is who he says he is. Digital certificates place information on a sender or a recipient's computer and use encryption to create a unique digital certificate for that person from the stored information. When that person goes to a web site or sends an email, the digital certificate is presented to the site or attached to the email, and the certificate verifies that the user is who he claims to be.
However, not all email programs are good at reading signed or encrypted email. An additional encryption/decryption piece of software is required to provide this functionality. Further, if a recipient does not have a valid certificate, or has conflicting or unsupported encryption capabilities, the email message will not be properly received or viewed.
Also, many e-mail systems and methods do not provide verification that an electronic message was received by the intended recipient nor do they provide the sender of the email with an authentication message to indicate that the delivered message was not intercepted or altered. In these current email systems, the message sender cannot demonstrate that the intended receiver actually received the encrypted message sent. The server from which the email was originally sent has to trust that the system and user requesting an encryption key associated with the email previously transmitted actually has the message that corresponds to the encryption key. Confidential email with suitable tracking verification and authentication is not provided. Additionally, private messaging—that is, the ability to send messages without others knowing you are doing so—is not possible with current messaging schemes.
A secure email program should be nonintrusive and transparent. Different approaches have been used in the past to provide secure email transmission and delivery.